CHAPTER 1: MANAGING INFORMATION - STESGlobal

ACCA – PM: PERFORMANCE MANAGEMENT CHAPTER 1: MANAGING INFORMATION

4

CHAPTER 1: MANAGING INFORMATION

LEARNING OUTCOME

At the end of the chapter, you should be able to:

TLO A1a. Explain the role of information systems in organisations

TLO A1b. Discuss the costs and benefits of information systems

TLO A1c. Explain the uses of the internet, intranet, wireless technology and networks

TLO A1d. Discuss the principal controls required in generating and distributing internal information

TLO A1e. Discuss the procedures which may be necessary to ensure the security of highly confidential information that is not for external consumption


5

Introduction of Managing Information System

Role of performance management system is to provide information for planning, control, decision makings and performance measurement. This information must be able to deal with financial and non-financial issues relating to internal and external environment.

In this chapter, we look at the role, costs and benefits of information systems in managing the increasing volume of data and information available to management.

The managers must be able to access to reliable and relevant information instantly to react to performance management issues promptly. Hence, management of information system such as controls over, procedures and security in the generation and distribution of information is an integral part of performance management.

1.1 Role of Information Systems

Learning Outcome (ACCA Study Guide Area A) A1a: Explain the role of information systems in organisations.

Information systems is a combination of hardware, software and communication capability where planned procedures, suitably designed forms, an appropriate organisation structure and managers who are capable of using the output that is produced to assist them in the administration and use of available resources.

The output from the systems falls into two groups:

Routine reports or transaction documents are those required to conform to business conventions, such as payslips, invoices sent to customers, purchase orders sent to suppliers and works orders sent to the factory, daybook listings or standard letters

Management information in the form of reports which are summaries of or extracts from the data which has been processed, e.g. labour cost analyses, sales analyses, stock reports.

1.1.1 What is Information System


6

Information system provides planning tools that can assist management in obtaining information on available resources, timelines and possible outcomes under different operating scenarios.

Business transactions need to be recorded as evidence or due to legal requirement for accounting and auditing purposes, as well as for the determination of production costs and profit.

Information systems can assist in the collection, analysis and presentation of costs, sales revenues, quantities and profitability data for comparison between actual results and budgets to be carried out for performance evaluation purpose.

Information systems can be used to monitor and control the actual result achieved in comparison against budgets in order to determine whether it is performing as expected or there is unexpected deviation that need to be corrected.

Internal and external information collected and processed by information systems will provide the necessary information required by management in making informed decisions.

1.1.2 Planning

1.1.3 Recording and Processing Transactions

1.1.4 Monitoring and Measuring Performance

1.1.5 Control

1.1.6 Decision Making


7

1.2 Costs and Benefits of Information Systems

Learning Outcome (ACCA Study Guide Area A) A1b: Discuss the costs and benefits of information systems.

Ease of access to qualify information and the speedy transmission of information are important factors that give business a competitive edge, enabling them to survive and succeed in an increasingly competitive global market.

Information systems can:

There are costs associated with the acquisition, implementation, and maintenance of information systems beyond the price of hardware and software. As these costs sometimes account for budget shortfall, it is important to recognize problem areas and minimize their impact on the organization.

System upgrade requires additional training or system modification. Costs related to other work that may be disrupted or displaced in favour of the system implementation. Conversion costs include developing procedures to transfer the data to the new system, testing, and

cleaning the data. Maintenance costs associated with licensing the hardware and software, supporting users, maintaining

the application and files, and performing routine quality control. Effective budgeting through the use of an activity-based approach may be used to keep IT expenditure under control, which can be further supported by a return on investment (ROI) calculation in analysing the costs and benefits for information system decision.

1.2.1 Benefits of Information System

1.2.2 Costs of Information System


8

1.3 Networks, Internet, Intranet and Wireless Technology

Learning Outcome (ACCA Study Guide Area A) A1c: Explain the uses of the internet, intranet, wireless technology and networks

Local Area Networks

Organisations connect their computers together in local area networks (LANs). This enables data sharing and device sharing within the organisation which widely improve the efficiency and productivity of businesses.

Advantages Disadvantages Sharing of resources (i.e. DVDs, printers,

scanners, modems and hard drives)

Client and server relationship

Sharing of internet and software program Faster and easier communication

Data security problem Limitation of distance

Server crashes and disconnection issues High set-up costs

Wide Area Networks

Wide area networks (WANs) are used to connect LANs. WANs facilitate communication from one location to another.

Advantages Disadvantages Covers large geographical area

Centralised data Sharing of software and resources

Allows for distribution of workload and reduced travel charges

Security problems

Maintenance issues Server crashes and disconnection issues

High set-up costs

The Internet is global system connecting wide network of computers and the websites are available for all. It contains different source of information and all users can access to the website across the world to communicate and exchange information. Meanwhile, Intranet is an exclusive or private network that can be accessed only by a specific group of people that share information internally but not with outsiders. For example, many corporations, government agencies and universities have their own intranets. An organization's intranet is developed by its own staff and run as the organisation internal database that form an organisation wide network.

1.3.1 Network

1.3.2 Internet vs Intranet


9

Diagram1.3.2: The use of Internet

Table 1.3.2: Internet and Intranet Advantages and Disadvantages

Internet Intranet

Advantages

Easy access to large populations worldwide

Reduced costs and time

Higher flexibility and response quality

Increases employee productivity Allows for greater collaboration

Allows idea sharing and simplifies decision making

Disadvantages Coverage error

Cyber security threats Computer illiteracy

Potential security risks

Time consuming and costly Can be counter productive

Extranet is an intranet that allows external parties whom are assigned username and password to have limited access for the exchange of information.

Wireless technology refers to technology that allows us to communicate without using cables or wires, with the employment of radio frequency (RF) and infrared (IR) waves.

This allows:

Remote working and increase flexibility Improve productivity (because employees can work collaboratively at their own place) Reduced costs as the business expands (because it is easier to add new users to a wireless network

than to install new cabling) Setting up the equipment for wireless technology required certain amount of cost and training.

Organisation should implement IT control on the data access to avoid leakage of data to unauthorised people.

1.3.3 Extranet

1.3.4 Wireless Technology


10

Table 1.3.4: Advantages and Disadvantages of Wireless Technology

Advantages Disadvantages Better mobility Cost effective

Scalability

Potential security issues Restricted range and lower reliability

Less speed and control

1.4 Principal Controls in Generating and Distributing Internal Information

Learning Outcome (ACCA Study Guide Area A) A1d: Discuss the principal controls required in generating and distributing internal information.

Internal information is usually confidential and commercially sensitive. Hence, controls need to be implemented in the generation of internal information for the preparation of routine and ad-hoc reports.

Table 1.4.1: Controls over generating internal information in routine reports and ad-hoc reports

1.4.1 Controls Over Generating Internal Information


11

Information should only be available to authorised personnel and organisation should implement controls over the distribution of internal information to avoid valuable data being misused by unlawful means.

1.5 Procedure to Ensure the Security of Highly Confidential Information

Learning Outcome (ACCA Study Guide Area A) A1e: Discuss the procedures which may be necessary to ensure the security of highly confidential information that is not for external consumption

Diagram 1.5.1: Types of security and Confidential Procedures

1.4.2 Controls Over Distributing Internal Information

1.5.1 Security and Confidential Information


12

The following are procedures that can be put in place in measuring the security of highly confidential information that is not meant for external consumption.

Security Procedure Explanation

i. Passwords Passwords assigned to individuals or terminals is a good mean to restrict access of information. It ensures the security and confidentiality of data that is stored on various workstations and servers across organisation. Any attempted unauthorised access can be tracked and prevented.

ii. Logical access systems

Data and software or individual computer systems are classified according to the sensitivity and confidentiality of date in a logical access system. Logical access control is control put in a place to prevent those who already have access to a terminal or computer from gaining access to data or software.

a) Examples of confidential and sensitive data are payroll data and details of corporate strategies planning., hence only selected authorised personnel are given access to this information.

b) Other confidential financial information such as costs and cashflows can only be accessed by certain employees only (E.g.: Finance Officer).

c) Other data may be classified as non-confidential with unrestricted access.

The logical access system will perform the following three steps of checking in performing as control function when access is requested by a user:

1. The user’s Identification (ID) 2. Authenticating the user’s ID 3. Determining the user’s authority in accessing certain type of information

iii. Database controls

Database is usually accessible by large numbers of people which could lead to security risks such as unauthorised access, alteration, deletion or damage to data. Complex passwords or restricted disclosure of information to personnel could avoid data being leaked. Computer security inference controls attempt to prevent users from inferring this information.

iv. Firewalls A firewall can be software-based or hardware-based or combination both, which is used to prevent unauthorized access into company systems, connected to the internet such as intranet; and also, to protect data from corruption by viruses.

v. Personnel data protection

Nowadays, countries have introduced the Data Protection Act to safeguard individuals from having their personal information being misused by unauthorized third parties.

vi. Anti-virus and anti-spyware software

Antivirus software is a program or set of programs that are designed to prevent, detect, and remove software viruses, and other malicious software that could damage files and data.

Anti-spyware helps to prevent the installation of spyware that could steal important data from organisation such as banking details, browsing history or other personal information.

vii. Encryption It is the scrambling of data during transmission from one place of an organisation to another in order to make the data incomprehensive by any eavesdroppers.

viii. Other security measure

Authentication technique used in ensuring only messages from authorised senders are accepted.


13

1.6 Check Understanding

Learning Outcome (ACCA Study Guide Area A): A1a: Explain the role of information systems in organisations A1b: Discuss the costs and benefits of information systems A1c: Explain the uses of the internet, intranet, wireless technology and networks A1d: Discuss the principal controls required in generating and distributing internal information A1e: Discuss the procedures which may be necessary to ensure the security of highly confidential

information that is not for external consumption Question 1 (LO A1d & A1e)

The accounting department of a public listed company generates information which are highly sensitive and must not be disclosed to anyone who works outside of the department. There are many other functional departments working within the same building. Which of the following would be an effective control procedure for the generation and distribution of the information within the accounting department?

A. All departmental employees must enter personal and regularly changed passwords to access their computers

B. Departmental employees should be allowed to work from home to complete undone jobs and use a memory stick to save and transfer data

C. Only authorised employees can the entre the department after swiping an officially issued, personal identity card at the entrance

D. Minimise printing of hard copies. Hard copies with confidential information locked overnight in a safe if needed again.

Question 2 (LO A1a)

List down the FOUR main of performance management information system? Question 3 (LO A1b)

Senior management of a privately-owned company is considering buying and equipping each of its sale personnel with a laptop. List down three possible benefits and three possible costs that the management need to consider in finalising the decision? Question 4 (LO A1c)

Which of the following will enable management to communicate with internal and external stakeholders of the company?

A. Wireless connection B. Intranet C. Network D. Internet


14

1.7 Check Understanding: Answer

Answer: Question 1 (LO A1d & A1e)

A memory stick is much more likely to get mislaid and compromise security. It is likely that memory sticks could get lost or that information is left on home computers.

In the context of the scenario all the other options are good practice Answer: Question 2 (LO A1a)

The main role of performance management information system is to provide information for:

Planning Control Decision makings Performance measurement Answer: Question 3 (LO A1b)

Benefits Costs

Engage with customers effectively. Speedy feedback could enable them to lock in sales.

Cost of upgrading and integrating information system.

Save time while making delivery and pricing decisions.

Cost of training the sales personnel.

A well-integrated system will enable sales personnel check on availability of inventory and possible time scale.

Cost of buying the laptops and the software.

Answer: Question 4 (LO A1c)

Wireless connection Network Internet (The intranet will enable communication within company only)


15

1.8 Chapter 1: Summary

Diagram 1.8: Summary of Managing information

CHAPTER 1: MANAGING INFORMATION - STESGlobal

Documents

Transcript of CHAPTER 1: MANAGING INFORMATION - STESGlobal